Amendments to the Claims:

The following listing of claims will replace all prior versions, and listings, of claims
in the application:

1. (Currently Amended) A method for control and maintenance of an operational
organizational structure, involving cryptographic control and maintenance of entities within
one or more business organizations, the method being automated using a computing device,
the method comprising:

associating cryptographic capabilities with electronic representations of entities within
organizational structure of the one or more business organizations with cryptographic
capabilities;

organizing entities within the organizational structure as roles through associating the
electronic representations of entities with electronic representations of roles; and

upon any addition, deletion or modification of an entity, a cryptographic capability, or
any of their associations, maintaining roles within the organizational structure by adding,
deleting or modifying electronic representations of the entities, cryptographic capabilities,
roles, or any of their associations.

2. (Original) A method as in claim 1, wherein the method involves at least a public
key infrastructure operation.

3. (Original) A method as in claim 1 wherein the control and maintenance further 
comprises: 

assigning elements in said organizational structure to roles within said organizational 
structure. 

4. (Original) A method as in claim 1 wherein the control and maintenance further 
comprises: 

assigning elements in said organizational structure to groups within said 
organizational structure. 

5. (Canceled) 

6. (Original) A method as in claim 3 wherein at least some of said elements are
already grouped elements. 

7. (Previously Presented) A method as in claim 1 wherein said method involves 
access control technology. 

8. (Previously Presented) A method as in claim 1 wherein said method involves at 
least an access control operation. 

9. (Previously Presented) A method as in claim 1 wherein said method involves at 
least a data-base operation. 

10. (Previously Presented) A method as in claim 1 wherein said method involves at 
least one operation implemented in a hardware device. 

11. (Previously Presented) A method as in claim 1 wherein the operational 
organizational structure represents at least one commercial organization. 

12. (Previously Presented) A method as in claim 1 wherein the operational 
organizational structure represents at least two organizations, and wherein one of said
organizations performs at least one function on behalf of another of said organizations. 

13. (Previously Presented) A method as in claim 1 wherein the method further 
comprises changing software whose authorization is checked. 

14. (Previously Presented) A method as in claim 1 wherein the method further 
comprises changing hardware. 

15. (Previously Presented) A method as in claim 1 wherein the method further 
comprises moving hardware. 

16. (Currently Amended) A system for control and maintenance of an operational
structure involving at least one cryptographic method, entities within business
organizations, characteristics of said entities and relationships between said entities, wherein
the system comprises code executable by a computing device to:

maintain electronic representations of capabilities of entities of a business
organization;

maintain electronic representations of functions of said entities;

maintain electronic representations of characteristics of said entities;

maintain electronic representations of relationships of said entities; and

change the maintained electronic representations of said entities said characteristics 
and said relationships upon an addition, deletion, or modification of a characteristic or 
relationship of the entities. 

17. (Previously Presented) A system as in claim 16 where at least one of said entities 
is an individual in an organization. 

18. (Previously Presented) A system as in claim 16 where at least one of said entities 
is a group of individuals in an organization. 

19. (Original) A system as in claim 16 where at least one capability is a role in an 
organization. 

20. (Original) A system as in claim 16 where at least one capability is a task in an 
organization. 

21. (Original) A system as in claim 16 where at least one function is an operation by a 
functionary in an organisation. 

22. (Original) A system as in claim 16 where at least one function is an operation by a
group of functionaries in an organization.

23. (Original) A system as in claim 16 where said entities in an organization are 
represented in a public key infrastructure directory.

24. (Original) A system as in claim 16 where at least one of said characteristics and
said relationships is represented in a directory. 

25. (Previously Presented) A system as in claim 16 where at least one of said 
characteristics, at least one of said relationships, or both is represented in a public key 
infrastructure directory. 

26. (Previously Presented) A system as in claim 16 where an operation of said system 
involves updating at least one directory. 

27. (Previously Presented) A system as in claim 16 where an operation of said system 
involves updating at least one public key infrastructure directory. 

28. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change information processing control structure. 

29. (Previously Presented) A system as in claim 16 where said code to change said 
maintained elements comprises code to change cryptographic certification information within 
the public-key infrastructure directories.

30. (Previously Presented) A system as in claim 16 where said code to change said
maintained elements comprises code to change databases.

31. (Previously Presented) A system as in claim 16 where said code to change said
maintained elements comprises code to change cryptographic certification information within
the public-key infrastructure directories and further database changes.

32. (Original) A system as in claim 16 where said entities, said characteristics and 
said relationships are maintained by combining databases components and components of 
certification authorities of a public key infrastructure. 

33. (Original) A system as in claim 16 where said entities are represented in one
directory and said characteristics and said relationships are represented in a second directory.

34. (Previously Presented) A system as in claim 16 where said entities are
represented in at least a first directory and said characteristics and said relationships are 
represented in at least a second directory. 

35. (Original) A system as in claim 16 comprising observers, where said entities said 
characteristics and said relationships are partially visible to various observers. 

36. (Previously Presented) A system as in claim 16 where an operation of said system
comprises cryptographic key management operations. 

37. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated by at least one designated entity amongst said entities. 

38. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated based on agreed upon rules. 

39. (Previously Presented) A system as in claim 16 where an operation of said system 
is activated based on authorizations. 

40. (Previously Presented) A system as in claim 16 where an operation of said system 
comprises database maintenance operations involving said entities said characteristics and
said relationships.

41. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules. 

42. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules based on access structure. 

43. (Original) A system as in claim 16 where said characteristics and said 
relationships define authorization rules based on cryptographic capability. 

44. (Original) A system as in claim 16 where said characteristics and said
relationships define authorization rules based on shared cryptographic capability. 

45. (Original) A system as in claim 16 with the additional operations of logging said 
system's operations. 

46. (Original) A system as in claim 16 with the additional operations of logging said 
system's operations, where said logging is performed in various locations in said system. 

47. (Original) A system as in claim 16 with the additional operations of monitoring 
operations within said system. 

48. (Original) A system as in claim 16 with the additional operations of time-stamping
operations within said system. 

49. (Original) A system as in claim 16 where at least one of said system's operations 
is performed distributedly via communication. 

50. (Original) A system as in claim 16 where at least one of said system's operations 
is a distributed database operation. 

51. (Original) A system as in claim 16 where at least one of said system's operations 
involves physical handling of devices to one of said entities.

52. (Currently Amended) A database system embodied in a tangible medium
representing a business organization involving directories representing entities within said
business organization, their characteristics, roles, and relationships together with their
associations with cryptographic capabilities, the database system comprising the following
transactional components:

connection to cryptographic authorities representing the cryptographic capabilities
associated with said entities, said characteristics and said relationships;

a maintenance system embodied in a tangible medium by which said database and
said cryptographic authorities are maintained in coordination and by authorized parties
assuring the representation of said organization and said cryptographic capabilities are
soundly associated as defined by coordination directives; and

maintenance transactions acting within said maintenance system, maintaining a view
representing said organization.

53. (Original) A system as in claim 52 wherein said organization comprises a plurality 
of entities. 

54. (Original) A system as in claim 52 wherein said cryptographic authorities is a 
plurality of at least one certification authorities. 

56. (Original) A system as in claim 52 wherein said cryptographic authorities is a 
plurality of authorities organized hierarchically.

57. (Original) A system as in claim 52 wherein said authorized parties are maintained
by another instantiation of the system.

58. (Previously Presented) A system as in claim 52 wherein said authorized parties are 
assigned by management of said organization. 

59. (Previously Presented) A system as in claim 52 wherein said coordinating 
directives involve cryptographic fields assuring integrity of the operation. 

60. (Original) A system as in claim 52 wherein said maintaining view representing an 
organization may present different characteristics and components to different outside
reviewers. 

61. (Original) A system as in claim 52 wherein said cryptographic capabilities involve
digital certificates. 

62. (Previously Presented) A system as in claim 52 wherein said organization 
comprises various organizational units. 




06-21-07 06:29pm From-PILLSBURY WINTHROP 703-770-7801 T-550 P. 011/018 F-404

FRANKEL ET AL. - 09/503,181
Client/Matter: 061047-0265650 

63. (Previously Presented) A system as in claim 52 wherein said organization 
comprises various organizational units where entities are defined in one unit and their roles 
are defined within a second unit. 

64. (Previously Presented) A method as in claim 1 where a plurality of entities are 
electronically visible to one part of the organization, a first set of outside viewers, or both,
and roles or characteristics thereof are electronically visible to another part of the 
organization, a second set of outside viewers, or both. 

65. (Previously Presented) A method as in claim 1 where maintaining of roles within 
the organizational structure is protected and can be performed only by an authorized party
inside or outside the organization. 

66. (Previously Presented) A system as in claim 16 where a plurality of entities are
electronically visible to one part of the organization, a first set of outside viewers, or both,
and roles or characteristics thereof are electronically visible to another part of the
organization, a second set of outside viewers, or both. 

67. (Previously Presented) A system as in claim 16 where change to the maintained 
electronic representations of said entities said characteristics or said relationships is protected 
and can be performed only by an authorized party inside or outside the organization. 